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Top Stories 

• A former La Jolla Bank official pleaded guilty September 25 to a bribery scheme in which 
she conspired with senior executives to arrange over $55 million in loans to unqualified 
borrowers. - San Diego Union-Tribune (See item 3) 

• California officials re-adopted the low-carbon fuel standard September 25, requiring 
producers to cut transportation fuel emissions 10 percent by 2020. - Associated Press (See 
item 9) 

• The U.S. Department of Health and Human Services released an audit September 24 on the 
Multidimensional Insurance Data Analytics System and found that it had issues with its 
security policy and 135 database vulnerabilities. - Associated Press (See item 20 ) 

• Officials reported September 27 that up to 40 people were injured at the Summer Ends 
music festival in Tempe Beach Park September 26 after concert-goers rushed the stage, 
prompting authorities to cancel a musical set due to a medical emergency. - Associated 
Press (See item 28 ) 
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Energy Sector 

See item 9 

Chemical Industry Sector 

Nothing to report 

Nuclear Reactors, Materials, and Waste Sector 

1. September 25, Columbia The State - (South Carolina) Exclusive: 3 Westinghouse 
workers burned in Columbia plant incident Friday. Authorities reported September 
25 that a mechanical issue at the Columbia Westinghouse nuclear fuel production plant 
in South Carolina prompted the closure of the final fuel rod assembly area and 
triggered an internal investigation following a steam eruption from a wash tank that 
injured three employees. 

Source: http://www.thestate.com/news/local/article36637578.html 

Critical Manufacturing Sector 

2. September 25, Associated Press - (Minnesota) US Steel to idle Keetac taconite plant 
in Keewatin, says 210 layoffs are possible. U.S. Steel officials announced plans to 
idle the Keetac taconite plant in Keewatin, Minnesota, beginning on or after October 
11, citing market conditions as a reason. 

Source: http://www.startribune.com/us-steel-to-idle-keetac-taconite-plant-layoffs- 
possible/329574921/ 

Defense Industrial Base Sector 

Nothing to report 

Financial Services Sector 

3. September 26, San Diego Union-Tribune - (California) Guilty plea in La Jolla 
bribery scheme. A former head of La Jolla Bank’s Small Business Administration 
(SBA) lending department pleaded guilty September 25 to a bribery scheme in which 
she conspired with senior executives to arrange over $55 million in loans to unqualified 
borrowers, for which she and other executives took cash bribes and kickbacks in 
exchange. Hundreds of millions of dollars’ worth of conventional loans were reportedly 
part of the scheme, and the SBA-backed loans issued by the suspect resulted in almost 
$20 million worth of bank losses. 

Source: http://www.sandiegouniontribune.com/news/2015/sep/26/Amalia-Martinez- 
guilty-la-jolla-bank-bribery/ 

4. September 25, Press of Atlantic City - (New Jersey) Suspects skimmed Margate 
bank customers’ info, police say. Margate Police and U.S. Secret Service officials 
were investigating reports of fraud September 25 after ATM skimming devices 
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installed on Bank of America ATMs in July reportedly resulted in losses of over 
$50,000 to 40 customers. 

Source: http://www.pressofatlanticcity.com/news/suspects-skimmed-margate-bank- 
customers-info-police-say/article 286e6f8a-63c5-lle5-a659-eb719al0e4d0.html 

For another story, see item 27 

Transportation Systems Sector 

5. September 27, WNCT 9 Greenville - (North Carolina) Highway 12 reopened on 
Ocracoke Island, use caution. Highway 12 between mile marker 77 and 73 in 
Ocracoke reopened September 27 after being shut down following heavy rains and 
flooding September 26. The Hatteras/Ocracoke Ferry also resumed operation. 

Source: http://wnct.com/2015/09/26/part-of-highwav-12-on-ocracoke-island-closed- 
due-to-flooding/ 

6. September 26, KSL 102.7 FM Salt Lake City - (Utah) Zion-Mt. Carmel Highway 
reopens after rock fall. The Zion-Mt. Carmel Highway in Utah reopened September 
26 following a 3-day closure while crews cleared the roadway after large boulders fell 
onto the highway September 23. 

Source: http://www.ksl.com/?sid=36704532&nid=148&title=zion-mt-carmel-highway- 
reopens-after-rock-fall 

7. September 26, KMGH 7 Denver - (Colorado) 2 dead after crashing into semi on 
Highway 85 near Fort Lupton. Highway 85 near Fort Lupton was shut down in both 
directions for several hours while crews investigated a crash between a motorcycle and 
a semi-truck that killed 2 people September 25. 

Source: http://www.thedenverchannel.com/news/front-range/fort-lupton/highwav-85- 
closed-near-fort-lupton-due-to-accident 

8. September 26, WKYC 3 Cleveland - (Ohio) 1-90 reopens, bomb squad detonates 
device. Police reopened Interstate 90 in Cleveland after being shut down for 
approximately 6 hours while a bomb squad detonated a suspicious packaged that was 
discovered to be a pipe bomb September 26. No injuries were reported. 

Source: http://www.wkvc.com/story/news/local/cleveland/2015/09/26/-90-shut-down- 
both-ways-near-mlk-exit/72894332/ 

9. September 25, Associated Press - (California) California regulators restore 
emissions-cutting fuel rule. California officials re-adopted its low-carbon fuel 
standard September 25, requiring producers to cut transportation fuel emissions 10 
percent by 2020. The changes are also expected to increase the cost of gasoline and 
diesel fuel a few cents a gallon. 

Source: http://lompocrecord.com/news/state-and-regional/califomia-regulators-restore- 
emissions-cutting- fuel-rule/article 6dd7 fd9 1 -449 1 -5272-8649- 
fce6bld31eaa.html?comment form=true 
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Food and Agriculture Sector 



10. September 28, U.S. Food and Drug Administration - (National) Truco Enterprises 
recalls 18oz Cafe Style Tortilla Chips due to possible presence of undeclared milk 
allergen. Carrollton, Texas-based Truco Enterprises issued a recall of select packages 
of On The Border Cafe Style Tortilla Chips in 18 ounce packages September 26 after a 
supplier notified the company that the products may have been exposed to a milk- 
containing ingredient. The products were distributed in several States. 

Source: http://www.fda.gov/Safety/Recalls/ucm464437.htm 

11. September 25, U.S. Food and Drug Administration - (National) TF Supplements 
issues voluntary nationwide recall of dietary supplements with undeclared active 
pharmaceutical ingredients. The U.S. Food and Drug Administration (FDA) reported 
September 25 that Houston-based TF Supplements issued a voluntary recall of its 
RHINO 7 products packaged in a bottle containing 6 capsules and a 1 count of capsule 
hang card after an FDA analysis found misbranding and two unapproved drugs, 
desmethyl carbondenafil and dapoxetine, in the products. 

Source: http://www.fda.gov/Safety/Recalls/ucm464440.htm 

12. September 25, U.S. Food and Drug Administration - (National) Mr. Goodcents 
Franchise Systems, Inc. voluntarily issues allergy alert on undeclared peanuts in a 
Chocolate Chip Cookie. De Soto, Kansas-based Mr. Goodcents Franchise Systems, 
Inc., issued a voluntary recall of its Chocolate Chip Cookies packaged as 1.0 - 2.5 
ounce cookies per bag September 23 after a restaurant employee found two small 
pieces of peanut fragments in a cookie. The products were distributed from August 31 - 
September 22 in several States. 

Source: http://www.fda.gov/Safety/Recalls/ucm464304.htm 

Water and Wastewater Systems Sector 

13. September 28, Associated Press - (Hawaii) Million gallons of wastewater closes 
beach in Hawaii. Sandy Beach in Honolulu was shut down September 24 after a 
million gallons of treated, but not yet disinfected wastewater discharged from the East 
Honolulu Wastewater Treatment plant for about 5 hours September 23. The incident 
was a result of recent heavy rainfalls that shorted an underground electrical cable which 
feeds power to the chlorination system. 

Source: http://www.fox5nv.com/web/wnyw/news/12979324-storv 

Healthcare and Public Health Sector 

14. September 28, WDAF 4 Kansas City - (Missouri) Shigella on the rise, 150 cases 
confirmed in KC. The Kansas City Health Department along with other medical 
professionals urged residents to use recommended prevention methods including 
washing hands with soap and water and using paper towels to dry them, September 28 
after the number of reported Shigella cases in the city rose to 150. 

Source: http://fox4kc.com/2015/09/25/shigella-on-the-rise-150-cases-confirmed-in-kc/ 
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15. September 25, WRTV 6 Indianapolis - (Indiana) Police: men stole 600+ pills from 
nursing home. Police arrested two men September 24 in connection to an armed 
robbery at Bunker Hill Assisted Living Facility in Miami County, Indiana, where over 
600 narcotic pills were taken. 

Source: http://www.theindvchannel.com/news/local-news/police-men-stole-600-pills- 
from-nur sin g-home 

For additional stories, see items 20 and 21 

Government Facilities Sector 

16. September 28, WSLS 10 Roanoke - (Virginia) Power outage shuts down 2 schools in 
Smyth County. Rich Valley Elementary School and Northwood Middle School in 
Saltville, Virginia, were closed September 28 due to a power outage in a remote area of 
the county. 

Source: http://wsls.com/2015/09/28/power-outage-shuts-down-2-schools-in-smyth- 
county/ 

17. September 28, Dallas Morning News - (Texas) Water leak closes Cedar Valley 
College; power outage displaces classes at TCU. Classes at the main campus of 
Cedar Valley College in Lancaster, Texas, were cancelled September 28 due to a water 
leak. Crews worked to repair the leak and classes were scheduled to resume September 
29. 

Source: http://thescoopblog.dallasnews.com/2015/09/water-leak-closes-cedar-vallev- 
college-in-lancaster-for-a-day.html/ 

18. September 25, Wicked Local Norton - (Massachusetts) Easton school evacuated, 
college classes cancelled after Stonehill College bomb threat. Officials evacuated 
and closed Moreau Hall Elementary School in Easton September 25 after a letter 
containing a bomb threat was found at the nearby Stonehill College, prompting a police 
response. 

Source: http://norton.wickedlocal.com/article/20150925/NEWS/150927103 

19. September 25, Lake County News - (California) Valley fire containment at 92 
percent, new damage numbers released. Crews reached 92-percent containment 
September 25 of the 76,067-acre Valley Fire which has destroyed about 1,958 
structures and displaced an estimated 3,600 residents around the Lake County area. 
Source: http://www.lakeconews.com/index.php?option=com content&view=article&id 
=43542: valley-fire-containment-at-92-percent-new-damage-numbers- 
released&catid= 1 : latest&Itemid= 197 

20. September 24, Associated Press - (National) Audit finds holes in government 
computer system that stores data on HealthCare.gov customers. The U S. 
Department of Health and Human Services Inspector General’s Office released an audit 
September 24 on the Federal Government’s Multidimensional Insurance Data Analytics 
System (MIDAS), and found that the internal computer system, which is used to store 
sensitive personal information on millions of health insurance customers, had issues of 
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security policy and 135 database vulnerabilities. Officials reported that it fixed all the 
problems identified in the audit, including the nearly two dozen that were categorized 
as potentially catastrophic or severe. 

Source: http://www.startribune.com/audit-finds-slipshod-cvber-security-at-healthcare- 
gov/329204921/ 

21. September 24, WGRZ 2 Buffalo - (New York; Pennsylvania) Phone lines restored 
after major outage in WNY. Phone service was restored to all Niagara County 
government buildings and some medical facilities after a 7-hour outage September 24 
following the electrical malfunction of a card located at a facility in Philadelphia that 
provides services to upstate New York. 

Source: http://www.wgrz.com/storv/news/local/2015/09/24/phone-lines-restored-after- 
maior-outage-in-wny/72734048/ 

For another story, see item 22 

Emergency Services Sector 

22. September 25, Middletown Times Herald-Record - (New York) Former Wallkill fire 
commissioner pleads guilty in $240,000 theft. The former chairman of the Wallkill 
Fire District’s Board of Commissioners and a former corrections officer pleaded guilty 
September 25 to tricking a board member into signing blank checks which he cashed 
for himself, stealing nearly $240,000 from the district. The former chairman admitted 
to stealing the funds and laundering them through his wife’s bank account. 

Source: http://www.recordonliiie.com/article/20150925/NEWS/150929533/3330/FRQ 
NTPAGE 

Information Technology Sector 

23. September 28, Securityweek - (International) Mobile ad network abused in DDoS 
attack: CloudFlare. CloudFlare reported that a customer was recently targeted by a 
Layer 7 JavaScript-based distributed denial-of-service (DDoS) attack leveraging a 
mobile ad network in an attack that involved over 1 billion Hypertext Transfer Protocol 
(HTTP) requests per hour. Security researchers warned that the attack could be 
signaling a new trend in DDoS attacks that are more difficult to mitigate. 

Source: http://www.securitvweek.com/mobile-ad-network-abused-ddos-attack- 
cloudflare 



24. September 26, Securityweek - (International) Cookies render HTTPS sessions 
vulnerable to data leaks. The Computer Emergency Readiness Team (CERT) 
published an advisory warning that cookies established via regular Hypertext Transfer 
Protocol (HTTP) requests are a security flaw for HTTP Secure (HTTPS) sessions, and 
that an attacker could set a cookie to be later used via an HTTPS connection instead of 
the original Web site, potentially gaining access to private information. 

Source: http://www.securityweek.com/cookies-render-https-sessions-vulnerable-data- 
leaks 
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25. September 26, Softpedia - (International) Operation Pony Express delivers malware 
via Microsoft Word files. Security researchers from Sophos reported that a spear- 
phishing campaign active from April - May, dubbed Operation Pony Express, utilized 
a documented Microsoft Word vulnerability delivered via an intermediary malware 
downloader. The campaign targeted specific individuals and organizations with emails 
containing fake rich text format (RTF) invoice files purporting to be from RingCentral. 
Source: http://news.softpedia.com/news/operation-pony-express-delivers-malware-via- 
microsoft-word-files-492836.shtml 



26. September 25, Softpedia - (International) Over 2,000 WordPress sites are infecting 
users with spyware. Security researchers from Zscaler discovered a covert spyware 
distribution campaign active since August that has been targeting the latest WordPress 
content management system (CMS) with malicious JavaScript code that uses iframes to 
collect user information and redirects users to pages containing spyware masked as an 
Adobe Flash Player update. The campaign has affected over 2,000 sites and infected 
over 20,000 users. 

Source: http://news.softpedia.com/news/over-2-000-wordpress-sites-are-infecting- 
users-with-spyware-492825.shtml 

27. September 25, Softpedia - (International) Kasidet DDOSing bot adds credit card 
scraping capabilities. Security researchers from TrendMicro discovered a new version 
of the Kasidet/Neutrino distributed denial- of- service (DDoS) bot, which as of March 
added support for scraping a device’s point-of-sale (PoS) random access memory 
(RAM). The bot’s command-and-control (C&C) server also attempts to evade 
mitigation by sending “404 not found” errors to make it appear that it is not working 
properly. 

Source: http://news.softpedia.com/news/kasidet-ddosing-bot-adds-credit-card-scraping- 
capabilities-492802.shtml 

Internet Alert Dashboard 



To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or 
visit their Web site: http://www.us-cert.gov 

Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and 
Analysis Center) Web site: http://www.it-isac.org 



Communications Sector 

Nothing to report 

Commercial Facilities Sector 

28. September 27, Associated Press - (Arizona) Concert-goers injured after dozens rush 
music festival stage in Arizona. Arizona fire officials reported September 27 that up 
to 40 people were injured at the Summer Ends music festival in Tempe Beach Park 
September 26 after concert-goers rushed the stage when a reggae band came on, 
prompting authorities to cancel a musical set due to a medical emergency. Fans were 
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moved back from the stage while medical professionals tended to the injured. 

Source: http://www.theguardian.com/us-news/2015/sep/27/arizona-music-festival- 
concert-goers-rush-stage 

29. September 26, KUSA 9 Denver - (Colorado) Dozens sickened by unknown drug at 
Red Rocks concert. West Metro Fire Rescue authorities reported September 26 that 20 
concert-goers from the Big Gigantic concert at Red Rocks in Denver were treated on 
site while 13 others were transported to an area hospital after they were sickened by an 
unknown drug at the concert September 25. 

Source: http://www.9news.com/story/news/local/2015/09/26/dozens-sickened-by- 
unknown-drug-at-red-rocks-concert/72883172/ 

30. September 26, Reuters - (National) Hilton says checking claims of hacking at hotels. 
Hilton Worldwide Holdings reported September 26 that it is investigating following 
allegations that hackers compromised registers in gift shops and restaurants at Hilton 
Hotel and franchise properties nationwide, after receiving reports of potential 
fraudulent activity from several banking institutions. 

Source: http://www.reuters.com/article/2015/09/26/us-hilton-wrldwide-cvbersecurity- 
idUSKCN0RQ0NQ20 150926 

Dams Sector 

31. September 25, Salt Lake City Deseret News - (Utah) Utah County reservoir and dam 
get seismic makeover. The U.S. Department of Agriculture’s Natural Resources 
Conservation Service is leading a $5.5 million dam restoration project for the Silver 
Lake Flat Dam in Utah County that will extend the life of the dam and improve 
irrigation, recreation, and wildlife use. The reservoir has been drained to begin work 
and an estimated deadline was set for October 31. 

Source: http://www.deseretnews.com/article/865637623/Utah-County-reservoir-and- 
dam-get-seismic-makeover.html?pg=all 
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Department of Homeland Security (DHS) 

DHS Daily Open Source Infrastructure Report Contact Information 

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday 
through Friday] summary of open-source published information concerning significant critical 
infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for 10 days on 
the Department of Homeland Security Web site: http://www.dhs.gov/lPDailyReport 

Contact Information 

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS 

Daily Report Team at (703) 942-8590 

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow 

instructions to Get e-mail updates when this information changes . 

Removal from Distribution List: Send mail to support @ govdelivery.com . 



Contact DHS 

To report physical infrastructure incidents or to request information, please contact the National Infrastructure 
Coordinating Center at nicc@hq.dhs.gov or (202) 282-9201. 

To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit 
their Web page at www.us-cert. gov . 

Department of Homeland Security Disclaimer 

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform 
personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright 
restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source 
material. 
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